With the 2011-09-23 news of the following:
"BEAST attacks algorithms that use a mode known as cipher block chaining (CBC), in which information from a previously encrypted block of data is used to encode the next block. AES and DES, two strong cryptographic algorithms used to secure network and Web traffic, both use CBC. The RC4 cipher does not."
there is concern that we need to re-order our preferred cipher list and possibly eliminate certain ciphers from our list of supported ciphers.
I've read the below links and wondered if anyone knows of any "F5 responses" to the latest threats ... like "here is how to handle this if you are worried about it".
Researchers Claim Attack Tool Can Crack Encrypted Web Traffic
http://www.eweek.com/c/a/Security/Researchers-Claim-Attack-Tool-Can-Crack-Encrypted-Web-Traffic-222593/?kc=rss
New Attack Breaks Confidentiality Model of SSL, Allows Theft of Encrypted Cookies
http://threatpost.com/en_us/blogs/new-attack-breaks-confidentiality-model-ssl-allows-theft-encrypted-cookies-091611
sol8802: Using SSL ciphers with BIG-IP Client SSL and Server SSL profiles
http://support.f5.com/kb/en-us/solutions/public/8000/800/sol8802.html
sol11444: SSL ciphers supported on BIG-IP platforms in version 10.x
http://support.f5.com/kb/en-us/solutions/public/11000/400/sol11444.html
sol10262: SSL ciphers used in the default SSL profiles in BIG-IP version 10.x
http://support.f5.com/kb/en-us/solutions/public/10000/200/sol10262.html
sol6739: SSL ciphers that are fully hardware accelerated on BIG-IP platforms
http://support.f5.com/kb/en-us/solutions/public/6000/700/sol6739.html
sol7815: Configuring the cipher strength for SSL profiles
http://support.f5.com/kb/en-us/solutions/public/7000/800/sol7815.html
sol11631: SSL ciphers used in the clientssl-insecure-compatible and serverssl-insecure-compatible SSL profiles
http://support.f5.com/kb/en-us/solutions/public/11000/600/sol11631.html?sr=16754854
SSL Profiles Part 4: Cipher Suites
http://devcentral.f5.com/Tutorials/TechTips/tabid/63/articleType/ArticleView/articleId/1086418/SSL-Profiles-Part-4-Cipher-Suites.aspx
Best practice for ssl ciphers
http://devcentral.f5.com/Community/GroupDetails/tabid/1082223/asg/52/aft/1168042/showtab/groupforums/Default.aspx